arcis golf ransomware

Arcis Golf yesterday confirmed it sent notifications to 15,461 people about a data breach that compromised names, Social Security numbers, financial account numbers, credit and debit card numbers, dates of birth, addresses, and driver’s license numbers.

Arcis did not publicly disclose when the breach occurred or how it happened. The breach was reported on the Texas attorney general’s website.

Ransomware group ALPHV/BlackCat claimed responsibility for an attack on the company in Febuary 2024, saying it stole 247 GB of data.

“Because of their misunderstanding and inability to negotiate, we share information with you,” said ALPHV/BlackCat in the February 13 post on its leak site. “You should not work with them, their structure is not protected, and the vulnerability has not been fixed. Companies that will be subject to attacks related to them should sue.”

In November 2023, a customer of the company posted a breach notification they received from Arcis on X (formerly Twitter).

Arcis has not verified ALPHV/BlackCat’s claim. We do not yet know whether a ransom was demanded or how attackers breached Arcis’ network. Comparitech contacted Arcis for comment and will update this article if it responds.

We recommend victims take advantage of any free credit monitoring and/or identity theft protection services offered by Arcis Golf.

Who is ALPHV/BlackCat?

ALPHV/BlackCat is responsible for some of the most high profile ransomware attacks of the past few years, including major attacks on LoanDepot, Prudential Insurance, Fidelity, VF Corporation, and Change Healthcare.

ALPHV/BlackCat went dark after the Change Healthcare attack in March 2024, when it reportedly pulled off an exit scam. ALPHV allegedly stole a $22 million ransom payment and pulled the rug out from under its affiliates, who were never paid. The attack on Arcis Golf most likely happened before ALPHV/BlackCat’s exit.

Comparitech researchers have recorded 200 confirmed ransomware attacks claimed by ALPHV/BlackCat to date, affecting 66.7 million individual records. Its average ransom was $41 million.

Ransomware attacks in the US

Comparitech logged 752 confirmed ransomware attacks in the US in 2023, affecting more than 213 million records. This year, we’ve tracked 211 attacks, affecting 24.8 million records. Another 950 attacks this year are unconfirmed.

The average ransom across all sectors in the US was $6.2 million in 2023, and $1.8 million this year so far.

About Arcis Golf

Arcis Golf operates about 70 golf clubs across the US. It’s been acquiring golf courses and clubs since 2013. It employs some 6,000 people, according to external sources.